Hide Idle (>14 d.) Chans

← 2016-08-16 | 2016-08-18 →
01:04 trinque http://www.cnet.com/news/snowden-nsa-hack-russia-warning-election-democratic-party/ << Snowden wrote the "circumstantial evidence and conventional wisdom" suggested Russia was behind the alleged hack.
01:04 trinque wahahaha
01:05 trinque that and the puppeteer's hand up his ass.
~ 43 minutes ~
01:49 mircea_popescu the more i'm thinking about it, the more it becomes obvious you're trying to split this wood ( http://btcbase.org/log/2016-08-16#1522843 ) in the right place alf.
01:49 a111 Logged on 2016-08-16 21:36 asciilifeform: mircea_popescu: i had two arguments. one is that it dramatically simplifies the design of the cryptotron. (essentially becomes a mildly scriptable bignum calculator.)
01:49 mircea_popescu lol shinohai did you talk to her ?
01:52 mircea_popescu o btw phf, you aware of http://btcbase.org/log/2016-07-22#1508571 ? you never said anything. more generally, do you see the value in a ticket set for a111 on mod6 's thing ?
01:52 a111 Logged on 2016-07-22 12:20 mircea_popescu: http://btcbase.org/log/2016-07-21#1508508 << how about it phf, see the merit of having a111 archive.is every link it sees, downloading the zip and then presenting a [cached] [saved] pair of links after the line ?
01:54 mircea_popescu http://btcbase.org/log/2016-08-17#1522996 << yeah, i yield the point ; seems alf's theory prevails. at some point the guy was gutted, the skin made hand puppet.
01:54 a111 Logged on 2016-08-17 05:05 trinque: that and the puppeteer's hand up his ass.
02:04 mircea_popescu and in other news from the sisterhood, http://67.media.tumblr.com/45c62719f6c8ded816b1083ae619ff34/tumblr_mhmfbiYIHz1qlnecbo1_500.gif
02:16 mircea_popescu oh also, old lulz is best lulz : https://archive.is/VuxeK
02:17 mircea_popescu quora, a place for people to be lesswrong together.
02:17 mircea_popescu as in "you're not even wrong, you're lesswrong."
~ 40 minutes ~
02:57 BingoBoingo ;;tslb
02:57 gribble Time since last block: 49 minutes and 12 seconds
~ 15 minutes ~
03:12 mircea_popescu incidentally, what the fuck are people on about with "full blocks" ? past 8 hours average load is 900ish kb.
03:13 mircea_popescu as there's not a single 0 tx block in there, seems the fee market has actually done a lot to fix various historical mining problems.
03:16 mircea_popescu also, remember the pre-attacking mp days of f2pool + antpool ? back in march ?
03:16 mircea_popescu lo and behold that by august those two barely hold on to a third ; and there's a dozen or so pools over 1%.
03:17 mircea_popescu this experience should be informative for future braves.
~ 2 hours 29 minutes ~
05:47 Framedragger http://btcbase.org/log/2016-08-15#1521810 << also see https://evil32.com/
05:47 a111 Logged on 2016-08-15 13:14 asciilifeform: http://btcbase.org/log/2016-08-15#1521780 << these take at worst a ~week of (a very modest) cpu, to generate.
05:47 Framedragger "It takes 4 seconds to generate a colliding 32bit key id on a GPU (using scallion). Key servers do little verification of uploaded keys and allow keys with colliding 32bit ids. Further, GPG uses 32bit key ids throughout its interface and does not warn you when an operation might apply to multiple keys."
05:53 Framedragger https://twitter.com/PHP_CEO/status/765298072691806209 (credit for finding goes to punkman)
~ 1 hours 52 minutes ~
07:45 BingoBoingo <mircea_popescu> also, remember the pre-attacking mp days of f2pool + antpool ? back in march ? << What? History and the future were ever different from now?
07:50 thestringpuller no man's sky is what happens when you try to live off the hype
~ 1 hours 3 minutes ~
08:54 asciilifeform in other noose, http://bitcoinstats.com/irc/bitcoin-otc/logs/2016/08/17
08:54 asciilifeform ' Hasimir and the "corrupt keys" FUD raised semi-regularly by certain people in another bitcoin channel is just that; ill-informed FUD'
08:55 asciilifeform $rated Hasimir
08:55 deedbot asciilifeform has not rated Hasimir.
08:55 asciilifeform trinque: odd, not all old rating were imported ?
08:56 asciilifeform $key Hasimir
08:56 deedbot http://wotpaste.cascadianhacker.com/r/ccf8acf9-642a-4d7f-85c8-d0a41ca47287/
08:56 asciilifeform $rate Hasimir -1 https://archive.is/hfEBt or inquire within.
08:57 deedbot Get your OTP: http://wotpaste.cascadianhacker.com/r/45a34666-3221-43d7-a085-424c8c5938e8/
08:57 asciilifeform $v F2DCC16A07073BBF822F2A74E9DF01ACD5E4F588D52BCF0647B61BC16D8CB908
08:57 deedbot asciilifeform rated Hasimir -1 << https://archive.is/hfEBt or inquire within.
~ 19 minutes ~
09:17 Framedragger asciilifeform: well, it is true that if you use (semi)sane software for dealing with openpgp, all the diddled keys won't cause a problem for ya.
09:18 Framedragger (not that this makes phuctor any less worthy of a project)
09:18 Framedragger ("random js pgp crap" does not belong in the "(semi)sane software for dealing with openpgp" set)
09:25 asciilifeform Framedragger: i'm more interested in the 'fact of' somebody taking advantage of the js idiots, than in the item per se.
09:26 asciilifeform ditto the null rng keys
09:29 Framedragger asciilifeform: ok, fair enough, hm
09:33 asciilifeform $up boolcrap1
09:33 deedbot boolcrap1 voiced for 30 minutes.
09:33 asciilifeform find yer key, boolcrap1
09:33 boolcrap1 i actually finally got a new motherboard
09:34 boolcrap1 that was the first step.
09:34 boolcrap1 its not lost, i just need to plug in that disk
09:35 boolcrap1 i really need to find my phone tho, is there a tool that can locate metal on the ground in a wide area?
~ 23 minutes ~
09:58 asciilifeform boolcrap1: the tool is called 'squad of duded with minesweepers'
09:58 asciilifeform *dudes
09:59 asciilifeform http://btcbase.org/log/2016-08-17#1523011 << afaik there is no fee market. there is folks slicing off underfee'd crapolade ad-hoc, but it is not same thing.
09:59 a111 Logged on 2016-08-17 07:13 mircea_popescu: as there's not a single 0 tx block in there, seems the fee market has actually done a lot to fix various historical mining problems.
10:05 asciilifeform http://btcbase.org/log/2016-08-17#1523013 << public hashrate tables can be made to look like anything you like - it is kindergarten-level spamatronics
10:05 a111 Logged on 2016-08-17 07:16 mircea_popescu: lo and behold that by august those two barely hold on to a third ; and there's a dozen or so pools over 1%.
10:05 asciilifeform any pool can, if it wishes, turn into 'smaller pool and N new pools of 1%' overnight.
~ 21 minutes ~
10:27 asciilifeform https://theshadowbrokers.tumblr.com << deleted.
10:27 asciilifeform ^ in other noose.
10:28 asciilifeform in yet other noose,
10:28 asciilifeform <gribble> Sent 13 minutes ago: <Hasimir> a lot of allegations were made based on some corrupted data found on a single keyserver, yet none of the challenges or even queries from regular posters to gnupg-users were even responded to.
10:28 asciilifeform <gribble> Sent 12 minutes ago: <Hasimir> Back it up with verifiable evidence, otherwise there's nothing but FUD. If you're serious about proving it, I'll go find the challenges in the archives; if not I guess I'll only see IRC ranting
10:41 asciilifeform for aficionados of pig wrestin', http://bitcoinstats.com/irc/bitcoin-otc/logs/2016/08/17#l1471444503.0
~ 1 hours 18 minutes ~
11:59 mats lol
12:02 mats dear god
12:05 asciilifeform https://archive.is/LlaNh << further völkischer beobachter lulz.
12:06 asciilifeform '“Without a doubt, they’re the keys to the kingdom,” said one former TAO employee, who spoke on the condition of anonymity to discuss sensitive internal operations. “The stuff you’re talking about would undermine the security of a lot of major government and corporate networks both here and abroad.”'
12:07 mircea_popescu http://btcbase.org/log/2016-08-17#1523019 < heh.
12:07 a111 Logged on 2016-08-17 11:45 BingoBoingo: <mircea_popescu> also, remember the pre-attacking mp days of f2pool + antpool ? back in march ? << What? History and the future were ever different from now?
12:08 mircea_popescu http://btcbase.org/log/2016-08-17#1523022 << what the shit is this lmao
12:08 a111 Logged on 2016-08-17 12:54 asciilifeform: ' Hasimir and the "corrupt keys" FUD raised semi-regularly by certain people in another bitcoin channel is just that; ill-informed FUD'
12:08 trinque $s from:asciilifeform !rate Hasimir
12:08 a111 -1 results for "from:asciilifeform !rate Hasimir", http://btcbase.org/log-search?q=from%3Aasciilifeform%20!rate%20Hasimir
12:08 mircea_popescu -1 results ?!
12:08 mircea_popescu ahahahah
12:08 asciilifeform l0l!!
12:08 mircea_popescu this is one hell of a morning.
12:08 trinque there! you see!?
12:08 trinque ahaha
12:09 mircea_popescu $rated hasimir
12:09 deedbot mircea_popescu rated hasimir 1 at 2015/05/21 21:29:19 << Ben McGinnes, aparently the new treasurer of Pirate Party Australia
12:09 mircea_popescu $rate hasimir -1 Ill informed idiot.
12:09 deedbot Get your OTP: http://wotpaste.cascadianhacker.com/r/c65d97d5-dcad-475f-8e48-28fdd8b8ea15/
12:10 * asciilifeform took the chance of trying to cure the schmuck, see linked heathen l0g. did not, of course, have any effect.
12:10 mircea_popescu $v 58874FFB68E2C30BAAB111CE578ACFD4BD388435131A1ABE7EF454692B7C335F
12:10 deedbot mircea_popescu updated rating of hasimir from 1 to -1 << Ill informed idiot.
12:10 mircea_popescu asciilifeform by now there's a bunch of wanna-be this chan scattered around huh.
12:10 asciilifeform evidently.
12:10 mircea_popescu amusingly, they copy only the pretense with none of the substance.
12:11 mircea_popescu aaaanyway.
12:11 asciilifeform what else can cargocult do. you expected a working plane ?
12:11 mircea_popescu notrly.
12:12 mircea_popescu http://btcbase.org/log/2016-08-17#1523032 << there is a major difference between scientific speech and political speech. i don't care about the stupid conclusions random nobody arrives at. the moment however he emits judgements of value that happen to contradict mine, i no longer care HOW he arrived at them, merely that he stated them.
12:12 a111 Logged on 2016-08-17 13:17 Framedragger: asciilifeform: well, it is true that if you use (semi)sane software for dealing with openpgp, all the diddled keys won't cause a problem for ya.
12:13 mircea_popescu evidently, the socialist party does the exact same thing. for reasons of habit however, it doesn't irk you when they do it ; only when we do it.
12:13 mircea_popescu it is not sufficient for this habit to be removed ; it actually has to be reversed.
12:13 mircea_popescu when $empire$ does it, let it irk you ; when $republic$ does it, let you not notice.
12:14 asciilifeform sorta like the loon in -otc thread, who brought up 'sipa's head' as an... argument
12:14 asciilifeform heathen is not the least bit bothered by the heads usg removes each day.
12:14 mircea_popescu i dun intend to read all that.
12:14 asciilifeform mircea_popescu: you aint missing much
12:14 * danielpbarron is banned from the linked channel, as well as -dev and -assets :D
12:14 mircea_popescu why, you killed sipa ?
12:15 danielpbarron not as good a pig wrestler as asciilifeform I guess
12:15 asciilifeform danielpbarron: http://wotpaste.cascadianhacker.com/pastes/142806f4-9e5b-4698-ae77-f6aa13ac31d5/?raw=true << if you want.
12:16 mircea_popescu http://btcbase.org/log/2016-08-17#1523044 << a) not much metal in phone ; b) yes, treasure hunters keep going beachcombing etc with it.
12:16 a111 Logged on 2016-08-17 13:35 boolcrap1: i really need to find my phone tho, is there a tool that can locate metal on the ground in a wide area?
12:16 asciilifeform mircea_popescu: ipnoje is a thick aluminum can.
12:16 mircea_popescu there is that.
12:16 danielpbarron asciilifeform, thanks but I mean i've had /mode +b set on me in all three channels at some point, not that I can't read the public log, or even re-join today. Although my IP does appear to be banned from accessing b-a public log
12:17 asciilifeform danielpbarron: congrats?
12:17 asciilifeform rare honour.
12:17 danielpbarron ty
12:17 mircea_popescu http://btcbase.org/log/2016-08-17#1523051 << sure, theoretically.
12:17 a111 Logged on 2016-08-17 14:05 asciilifeform: any pool can, if it wishes, turn into 'smaller pool and N new pools of 1%' overnight.
12:18 asciilifeform ^ aha, and ergo public 'pool stats' are approx. as interesting as what 'snowden tweeted'
12:18 mircea_popescu of course, the general point here being that we're seeing a lot of suboptimal allocation. why the fuck are you doing the job of sm gurlz, and poorly, alfie ?
12:18 mircea_popescu they can't do the job of you.
12:19 asciilifeform what's a sm gurl
12:19 danielpbarron social media, /me guesses
12:19 mircea_popescu ^
12:19 danielpbarron aka pig wrestling
12:20 asciilifeform well i dun have a stable of gurlz, and so end up like the folks in the old german '1 man bands', with toe-operated drum, arse-operated trumpet, cock cymbal, etc.
12:20 mircea_popescu lmao these fucking idiots.
12:20 mircea_popescu "I doubt this will ever happen. Even he never cracked any PGP keys at all, the FUD he spread around was a nice way to get some free advertising. Look, people saying his name on gnupg and enigmail lists, which are quite popular I believe."
12:20 mircea_popescu are these dudebros totally fucking deluded ? for gawker tards to imagine (wrongly) that gawker sees more traffic than trilema is one thing.
12:21 mircea_popescu but really, obscure open sores neckbeards on a nowhere list ? what the FUCK is wrong with brains that makes them rot so.
12:21 mircea_popescu asciilifeform question is why would you.
12:22 asciilifeform normally i ignore the peanut gallery. on occasion it leaks in through the keyhole (the inmates take the effort to write to me) and so pig fuck visit.
12:22 Framedragger http://btcbase.org/log/2016-08-17#1523089 << point of frustration acknowledged; however, ftr it *does* irk me when $empire$ does it; i don't point fingers at *that* here because there's a point of exhaustion and tiredness re. the latter (*not* learned helplessness / acceptance, note), and it appears to be sufficiently covered by others here :)
12:22 a111 Logged on 2016-08-17 16:13 mircea_popescu: evidently, the socialist party does the exact same thing. for reasons of habit however, it doesn't irk you when they do it ; only when we do it.
12:23 * mircea_popescu marks down august the 17th, that lulzy day when some idjit thought enigmail is "popular"
12:23 Framedragger (also, ha, just saw the star wars parallel)
12:23 mircea_popescu Framedragger so they win by exhaustion ?
12:23 asciilifeform re the 'dudebros', it is part of the 'we control the vertical and the horizontal' disease. notice, if you read the heathen log, how... novel, how foreign the idea of ~downloading the keys~ and ~multiplying the factors~ seemed to these folks.
12:23 Framedragger nono they do not win; but i don't feel like articulating their shit every time it happens
12:23 mircea_popescu cuz it's kinda the principle, yes, empire is founded on the principle of "never argue with idiots" : they aim to exhaust everyone who knows better and then do their dumb shit.
12:23 Framedragger (maybe it should be done; but again, it appears to be covered by others, incl. qntra)
12:23 asciilifeform 'whaddayamean actually replicating. facts are enacted by pronouncement! and our pronouncement arse outranks yours! '
12:24 Framedragger mircea_popescu: yeah there's a slippery slope there, i guess.
12:24 mircea_popescu asciilifeform except it doesn't. it's almost exactly like random third world shithole, where random dude literally dying of hunger imagines "his pronouncement arse outranks mine". and then obv it's unfair when his daughter prefers to run away from home.
12:25 mircea_popescu Framedragger more importantly though, do you see some goal here ? or trying to accomplish something ?
12:25 trinque asciilifeform: they're a class of mimics; of course they don't know or care where facts originate.
12:25 mircea_popescu political speech is going to be political speech ; you aim to change that ? or what is your investment exactly ?
12:25 asciilifeform mircea_popescu: the rando pictures himself as 'playing on the team', like the fat ball game watcher described in mircea_popescu's article on subj
12:26 mircea_popescu trinque yeah, sure, the equivalent of vampyr, the junior high vampire cca 1990. problem is, junior high vampire doesn't actually believe there's 85,7 mn people going to his highschool, nor that the population on campus grounds exceeds that of guangzou
12:26 asciilifeform where was that greek gestapo quote...
12:26 Framedragger mircea_popescu: i currently refuse to articulate explicit alignments. but, i contend that i should have interpreted that dood's speech on #bitcoin-otc as political speech
12:26 asciilifeform the one where 'america is with us, you are a fool to resist'
12:27 Framedragger mircea_popescu: and hence my remark was useless, +/-
12:27 mircea_popescu Framedragger i dun care about all that ; i'm more interested about the philosophic angle to it.
12:27 mircea_popescu so ... is it... wrong that some statements proceed from authority ?
12:27 mircea_popescu asciilifeform was greek equiv, 1980s
12:27 asciilifeform http://btcbase.org/log/2016-07-07#1498863 <<
12:27 a111 Logged on 2016-07-07 18:09 mircea_popescu: here's something for the historian in alf! there's ancient statement of the principle, recorded in 1970 milwaukee journal : "You make yourself ridiculous by thinking you can do anything. The word is divided in two. The Russians and the Americans, no one else. What are we? Americans. Behind me there is the government, behind the government is NATO, behind NATO is the US. You can't fight us, we are Americans."
12:28 mircea_popescu asciilifeform only thing is, back then the us was run by reagan and i more or less liked it.
12:28 mircea_popescu certainly liked it a shitload more than kruschev's su. which is the fucking point the idiot elides. the LEADER is ~the only concern.
12:29 mircea_popescu who the fuck wants to be in the same room as "hrc"'s dead cooch.
12:29 asciilifeform and american supermax prison feels like paradise to a fella who sat in a kazakh zindan.
12:29 asciilifeform same idea.
12:30 mircea_popescu im not entirely persuaded by this. i can't really say i had it all that bad in romania at any point.
12:30 Framedragger mircea_popescu: hm. no. but i'm not mature enough for this discussion (you may say), e.g. i still harbour ideas about anarchism etc.
12:30 Framedragger there is a danger of one presupposing the veracity of their own's truths, but this isn't exactly an original thought or anything; just, well, i *do* observe yourself and alf defending the power of phuctor's results almost a priori as it were;
12:30 mircea_popescu Framedragger i wouldn't mind discussing this.
12:31 asciilifeform Framedragger: if you have a factual criticism of whichever phuctor output, this here's the place.
12:31 Framedragger as in, any claims to the contrary (of the power of those results) are attacked with such force that it hints at some kind of defensiveness; but perhaps this is precisely what it means to have a political position.
12:31 mircea_popescu i perceive the following problem : in my (rightful) bashing of idiocies (allinged around "colored coins", "dao" etc, that jazz) i distinctly hear the crushed hopes of people who look at those as a refuge from something else, specifically. i suspect it's hwqat you call "anarchists"
12:32 mircea_popescu there's two classes composing the support there. one, the wider, is plain idiots, of the us business major sort. the other, however, hopes to be saved from some darkness within or i dunno wtf.
12:33 mircea_popescu (on the sub-subject of "defending the power of phuctor's results" << it is entirely reactive. just as doctor defending the power of sanitation. in some contexts it's the only thing a doctor can say - and he can be rendered "ridiculous" by insisting on presenting him in that context, but really, the joke's on the unwashed.)
12:34 mircea_popescu (other than in a discussion with the sort of imbecile typified today by hasimir, i dunno either of us gives half a shit.)
12:34 Framedragger asciilifeform: apologies if i am mistaken here, but iirc phuctor was reported to have cracked some pgp keys when at that point in time none of the keys cracked had valid self-sigs. the presentation from tmsr (trilema/phuctor) to me appeared to have overstated the results, so to speak. (but then later subkeys with valid selfsigs were found, iirc). this isn't a technical point, i suppose.
12:35 mircea_popescu link to those reports then ?
12:35 mircea_popescu because my recollection is, me/alf/phuctor made some very careful statements, pinoy restated them wronglyt and proceeded to win the war with the strawmen.
12:35 Framedragger ah, hm
12:35 Framedragger sec
12:36 asciilifeform e.g., https://www.reddit.com/r/security/comments/36mi86/if_you_are_on_this_list_phuctor_may_have_your_pgp/crfol5x
12:36 asciilifeform https://news.ycombinator.com/threads?id=asciilifeform << other pinoy engagements re subj.
12:37 Framedragger (funnily enough, as regards authority, i regard 'tptacek very highly)
12:37 Framedragger (from that HN comment)
12:38 mircea_popescu "may have" is the contention ? or ?
12:39 Framedragger (i'm sorry for being slow here, multitasking with too many tabs)
12:39 mircea_popescu no rush.
12:39 mircea_popescu the one true advantage of irc as we have it is that well... nobody's hanging on this thread.
12:41 phf Framedragger: i regarded ptacek very highly at some point, but can you point to something that ptacek/matasano did?
12:42 mircea_popescu who is this ? (excuse me, i'm new!)
12:42 phf for extra point, without doing a google search
12:42 phf mircea_popescu: orcland coloured pants heroes
12:42 mircea_popescu the... what ?!
12:43 Framedragger mircea_popescu: http://trilema.com/2015/more-factored-rsa-keys-and-assorted-other-considerations/#selection-467.207-467.303 << with regards to "may have", can't see how that could be a problem - would be non sequitur masturbation on my part for sure; but the selected text - "Some are not signed at all - which notably means that yes gpg will import, and yes gpg will use." - does gpg actually
12:43 Framedragger import subkeys with no valid self-sig? or am i misreading what is stated in the article? because to me those statements (in the broader context) are rendered into that meaning precisely.
12:43 mircea_popescu maybe alf's mp-generator dun work too well, but lo and behold - my phf-parser dun work half as much!
12:43 phf mircea_popescu: in orcland, we have game, we put colored pants on people, and let them be our heroes. their pants distinguish their status in hierarchy
12:43 asciilifeform Framedragger: phuctor, today as in 2013, is strictly a 'transform T was applied to input I, which you can get here and here, and produced output O, downloadable here' affair.
12:44 mircea_popescu Framedragger afaik it imports but warns, and you can run it in a context with warning supressed.
12:44 asciilifeform mircea_popescu: phf's ref is to iconic su mega-film , http://www.imdb.com/title/tt0091341
12:44 mircea_popescu oh oh oh.
12:44 asciilifeform seen by ~all ru-speaking folk alive.
12:44 mircea_popescu ok but can we be specifix plox!
12:44 Framedragger asciilifeform: oh i won't argue with that! well, of course. but say i took your pubkey and generated a subkey for it and uploaded that subkey (it wouldn't import into gpg). would you truly care?
12:45 asciilifeform 'yellow pants' is a byword, on ru-lang forumz, for 'ranking gentleman for no particular reason but shuddup and suck plebe'
12:45 mircea_popescu Framedragger suppose i do that, and i get a message from a woman who thinks i'm him, and take her out to coffee and she brings me seven children over thirty years.
12:45 mircea_popescu would he truly care then ?
12:45 Framedragger mircea_popescu: okay, fair point, then. i should have checked. (maybe i will, out of curiosity / concern). not that i have *too* much faith in gpg, sure
12:46 phf "could've checked" is the moto of reddit generation
12:46 mircea_popescu yes, we're adjusting the meaning of rsa-crypto to explicitly not care, as discussed yest. but this is novel.
12:46 mircea_popescu see eg http://btcbase.org/log/2016-08-16#1522801
12:46 a111 Logged on 2016-08-16 21:27 asciilifeform: mircea_popescu: you take an inch from enemy, but give him many more:
12:46 asciilifeform Framedragger: see also phuctor faq, recently updated with findings of several rubbish pgptrons which NEVER check selfsig.
12:47 Framedragger mircea_popescu: this then is a critique of sks keyservers, strictly. there was a thread on their ML, they rejected the idea of rejecting such subkeys (...)
12:47 mircea_popescu except from my pov i dun actually care to distinguish the cockroaches to the point of naming them
12:47 phf mircea_popescu: ptacek is a "security expert" and founder of a security company matasano. he posts a lot to hackernews, and is regarded as authority. a simple question "what did ptacek actually did" usually doesn't produce any answers though
12:47 mircea_popescu this disregard of the cockroach births register can't possibly be a criticism of me.
12:47 mircea_popescu phf ic.
12:48 Framedragger asciilifeform: yeah that is fair, too, though i maintain that anyone using any such implementation is an irrevocable shithead and phuctor won't do them much good anyway - but maybe it will, i don't know; and phuctor is a needed public service anyway (so i'm not arguing against that, ftr)
12:48 mircea_popescu phf in fairness, digging too deep into english space "authority" is never well advised. trump turns into "guy who ~squandered inheritance" for eg.
12:49 mircea_popescu i suppose i should say "colorfully squandered", makes it go full circle.
12:50 asciilifeform Framedragger: phuctor has very little to do with curing particular lepers.
12:50 Framedragger phf: matasano crypto challenges and the new crypto ctf thing he and others did (i didn't try it) are a great public service; i mean the challenges start simple in the beginning but if one followed them to the end, actual reading of recent crypto papers would be required etc.; surely that counts as something? he didn't pioneer anything in crypto, sure.
12:50 mircea_popescu oh oh they're the people with the crypto challenges ?
12:50 Framedragger phf: but he did produce a valuable corpus of comments on HN, incl. decisive critique of cryptocat, etc etc
12:51 Framedragger mircea_popescu: yeah, i mean, the dude thomas p tacek is, at least
12:51 asciilifeform i would even say that the bulk of the real win from phuctor existing is the exposure of the actual allegiances of the so-called 'security experts'.
12:51 phf so in other words he posts to hackernews a lot
12:51 mircea_popescu alright.
12:51 Framedragger "mp posts on his blog a lot"
12:51 mircea_popescu phf as long as he's not wrong...
12:52 phf Framedragger: that's not the only thing mp does though
12:52 Framedragger phf: bashing and critique of shitty crypto projects, calling out their authors (see discussions between tptacek and kaepora or however the other dood's nick is spelled) - they're a valuable public service
12:52 mircea_popescu sounds a lot like mpoe-pr by now.
12:52 mircea_popescu phf and if it were ?
12:52 Framedragger phf: yes, true, i know, but for some mp is "person who wrote lots of important text"
12:52 asciilifeform and hanno boeck also posts all day long to mailing list, with 'bug reports' (burned usg vulns)
12:53 asciilifeform also 'public service' ?
12:53 Framedragger asciilifeform: slippery slope fallacy
12:53 mircea_popescu damn. poor Framedragger , that "pure world, biaseless, untainted by rooting in authority" is crumbling so fast ;/
12:53 Framedragger asciilifeform: i claim that one can post actually valuable stuff, seen by other people; and one can post shit, and these categories can be distinguished.
12:53 mircea_popescu Framedragger ie, there is absolute value, IN words ?
12:53 mircea_popescu shall i quote voltaire to you ?
12:54 asciilifeform all i solidly know of the tptacek fella is his reaction to phuctor.
12:54 Framedragger mircea_popescu: god damn it, no.. i'm anti-essentialist anyway
12:54 asciilifeform which is quite the same as that of the rest of the 'seeek0000rity komyoonity'.
12:54 asciilifeform 'it never happened, and, oh, incidentally, hanno boeck! and hey craigwright is satoshi, and hey, big blox! and it never happened.'
12:55 Framedragger asciilifeform: look i won't fault you for pre-forming an opinion on tptacek and not spending your valuable time re-evaluating it. but such heuristic lumping of people into two camps is rather crude indeed. i know someone may reply "this serves tmsr's purposes well anyway, so what of it" - well, okay..
12:56 asciilifeform Framedragger: i went to visit the -otc heathen folk specifically to test my working hypothesis, of phuctor as an unfailing political litmus strip.
12:56 asciilifeform it did not fail.
12:56 asciilifeform found exactly what i expected to find.
12:56 Framedragger asciilifeform: ... "everyone who disagrees is usg stooge" is the vibe i'm getting; impossible to have an actual conversation then
12:56 asciilifeform 'disagree' is not the word.
12:56 mircea_popescu "Il est à remarquer que l'once d'argent ne vaut pas cent de nos sous valeur intrinsèque, comme le dit l'Histoire de la Chine; car il n'y a point de valeur intrinsèque numéraire; mais à prendre le marc de notre argent à 50 de nos livres de compte, cette somme revient à 1250 millions de notre monnaie en 1740" <<< he knows. in 1700!
12:56 asciilifeform 'there was no finding. and oh incidentally hanno boeck found the finding. and hey there was no finding.'
12:57 asciilifeform this is not 'disagree.' it has another name.
12:57 mircea_popescu Framedragger the reply isn't "this serves tmsr's purposes", but moreover, the reply is that he's in charge of his own household, and if he is making a mistake it'll hurt... him. and if the other made a mistake, evidently it'll hurt... the other.
12:57 Framedragger asciilifeform: one *could* maintain that there was no interesting finding for someone who trusts gpg import policy. and yes, a fool is he who trusts gpg; but a charitable interpretation of such an opinion is possible
12:58 asciilifeform Framedragger: observe the 'neverhappening' of the ssh key pops, which have 0 to do with gpg policy.
12:58 asciilifeform the latest derp pretended, quite vigorously, to have never seen it.
12:58 mircea_popescu "everyone who disagrees is usg stooge" <<< this is not the criterion. everyone who dresses his "position", which they don't even call disagreeing, IN THE SAME COLORED PANTS, evidently shops at the same shop. you see ?
12:58 asciilifeform ^.
12:59 Framedragger mircea_popescu: agree re no intrinsic value, incidentally. this does not nullify there being possible to distinguish valuable writing from shit writing, *within a framework of meaning* that we can all agree on.
12:59 phf mircea_popescu speaks from experience, of things that he have practiced. even mpoe-pr's rants were using internal mpoe practices as a model for argument. it's not clear that ptacek has any kind of similar standing, because we don't know what he did. he argues for best practices, which he could've as easily picked up from reading others. compare to, say, djb, who, when speaks about security, uses his extensive qmail (etc.) experience as
12:59 phf a foundation.
12:59 Framedragger asciilifeform: yes, okay, that... is bullshit, lol.
12:59 mircea_popescu on one hand you have people with the fixed part "disagreeing", who dress it up as they dress it ; on the other, you have the people with the fixed dress, who call "their position" as they may call it. these are very different, and the latter's easily disqualified.
12:59 phf just because he happens to say right words, doesn't mean that he's right.
12:59 mircea_popescu phf point taken.
13:00 mircea_popescu "i could be mp, i read all he wrote" "and if tomorrow mizdra lands with an alien submarine, what will you say as mp ? this hasn't happened in the past ALREADY, for you to life the quote"
13:00 mircea_popescu copies work well for the past, but who can copy the future...
13:00 Framedragger phf: so you don't regard matasano crypto challenges as anything worthy, then?
13:00 phf right, it's sort of a more sophisticated version of alice bot
13:01 Framedragger i need a longer conversation-thread-stack in my mind.
13:02 mircea_popescu #trilema, will rape your mind into a new shape.
13:02 asciilifeform Framedragger: ever see the sequel to bruce schneier's crypto encyclopaedia ?
13:02 asciilifeform Framedragger: the original was written when he was still something like an honest man.
13:02 Framedragger asciilifeform: no - interesting
13:02 asciilifeform the sequel - was almost wholly free of mathematics, and replete with 'best practice because my arse thusly spoke' crapolade.
13:02 mircea_popescu Framedragger the reason there's a lot of credence in phf's perhaps harsh criticism is http://trilema.com/2014/how-to-make-money-on-the-internet-while-pretending-you-know-what-youre-talking-about-and-accumulating-a-legion-of-mindless-followers-for-fun-and-profit/
13:02 Framedragger asciilifeform: (just ftr i don't think too much of bruce, either)
13:03 mircea_popescu this is a "business model", and in the shit the us is these days, it's actually a "premium" business model : establish "authority" of the purely wordy sort, then pivot.
13:03 asciilifeform it worked great, perhaps most recently - for yudkowsky.
13:04 asciilifeform and hell knows how many other charlatans.
13:04 Framedragger mircea_popescu: i mean.. i agree; i just don't agree that tptacek fits the category. sure, there are analogies, but then there exist analogies with mircea_popescu, too.
13:05 mircea_popescu on one hand there's the mfas, a number game, based on brute force. like say http://btcbase.org/log/2016-07-25#1509965 (showaround). on the othe rhand there's "authority blogs", like say gawker.
13:05 a111 Logged on 2016-07-25 21:41 mircea_popescu: basic "paid dating app" scam.
13:05 Framedragger asciilifeform: "the sequel - was almost wholly free of mathematics, and replete with 'best practice because my arse thusly spoke' crapolade." << okay, that's sad, and an educational case
13:05 mircea_popescu Framedragger im just saying in general, i myself have nfi who he is.
13:05 Framedragger right, right.
13:07 mircea_popescu understgand that the a/b split-scam scheme there discussed can do this with ~identities~ too. just create a tree of them.
13:07 mircea_popescu people generally misunderstand the extreme power of the fuzzing attack.
13:08 Framedragger phf: i'm curious, what was it that made you to originally regard tptacek highly? was it his words/discussions (and then later you decided that it's the only stuff that the man has actually produced - a fair point i guess, if you dismiss the crypto challenges, for example)?
13:08 Framedragger mircea_popescu: hm, yeah. it can become more serious, i suppose
13:09 Framedragger (need to re-read.)
13:09 Framedragger (ah no i haven't read it before - cool)
13:10 mircea_popescu consider the proper model for this : let there be an unknown endless list of binary questions. you create an endless list of identities, which you publish, 2^(n+1)-1 for the nth question. unknown to anyone but you, they are linked in a tree (ie, you know in advance identity 10111010101 will answer "yes" to q1 no to q2 yes to q 3-5 etc).
13:10 mircea_popescu for an observer, these being unlinked, there's "genius" identity 10111010001 which answered correctly to that many binary questions in a row.
13:10 mircea_popescu in point of fact, there is nothing there.
13:11 mircea_popescu what we ALSO know for a fact is that the count of people actually active on facebook last year (~10mn) is deeply dwarfed by the number of facebook accounts (>1bn).
13:11 mircea_popescu where's the difference from ? and if it were this, who'd know ?
13:12 mircea_popescu and this is just the first step. nothing forces your identities to keep playing ; you can retire them at any point you wish, and now you have a stable of "never wrong over n binary questions" respectables.
13:12 Framedragger mircea_popescu: the point is that whether the difference is from this kind of tree ordering, this is unknowable..
13:12 mircea_popescu this is ~half of the usg "national security" plan, except they suck at both modelling and implementation.
13:13 Framedragger mircea_popescu: uh that was a question, more like
13:13 Framedragger right.
13:13 Framedragger good stuff
13:13 mircea_popescu Framedragger yes, it is unknowable. but the naive defense of the person first contemplating this issue is "oh, this is too noise, i'd hear about it"
13:13 Framedragger nice formal model
13:13 mircea_popescu that works, EXCEPT you already tune things out because... IT IS TOO NOISY
13:13 mircea_popescu so no sort of argument.
13:13 Framedragger true.
13:13 mircea_popescu which is all i mean by that.
13:13 phf Framedragger: i was young and a bum, i recognized all these people because my entertainment machine would reinforce their presence for me. "oh jwz is talking. oh now it's ptacek. oh it's paul graham! squee". but they were always in a different category from say norvig or knuth or naggum. once i started doing and learning (i.e. painfully read knuth, rather than just have him on my shelf) i finally was able to grok the difference.
13:14 mircea_popescu now, to be perfectly clear, i'm not either accusing or suspecting x guy of this, chiefly because i don't imagine he has the resources. nevertheless, phf's objection is much harder to reject than superficially appears.
13:15 asciilifeform a good chunk of what the 'genius splitters' are kept around for is to be blown on annoyances like phuctor.
13:15 asciilifeform (consider how boeck was grown. and used.)
13:15 mircea_popescu more like, a good chunk of what this stable of uselessness tries to argue its usefulness from, is their utter failure to do anything about things like phuctor, misrepresented.
13:16 asciilifeform the particular flavour of tptacek's dismissal of phuctor suggests that it was his 'now do your duty' moment.
13:16 mircea_popescu ironically, people in the contemporary, anglo sense of that term WANT to be these empty identities. no idea why or how; but imo much more serious a threat to anarchism than any kind of authority.
13:16 mircea_popescu gets lulziest when they encounter people who do not want to exchange their life for a fetish, and then explode into "putin doesn't understand how the world works!!1"
13:17 asciilifeform mircea_popescu: this is almost literally what played out in the heathen pit today.
13:17 Framedragger phf: ha, nice. well, fair. (it made me warm inside to recall that i *never* took paul graham for much; anyone who reads only a bit by him on stuff that they know something about will realize this; e.g. http://idlewords.com/2005/04/dabblers_and_blowhards.htm (this is the "website obesity" guy))
13:17 mircea_popescu asciilifeform so it is.
13:20 Framedragger mircea_popescu: just to me, any dreams of "global anarchist revolt" *are* lost on me (i'm terribly naive but not *that* naive). personal responsibility and individualism (vague word, i know) are necessary conditions. and.. yeah, i don't have much hope for humanity, given that...
13:20 Framedragger s/just to me/just ftr/
13:20 mircea_popescu which is how people end up with the notion of butchering most of the extant walkers.
13:21 mircea_popescu not that it's a novel, or worthy idea.
13:22 asciilifeform 'no scripts are new' (tm) (r)
13:22 phf Framedragger: when did you first encounter paul graham?
13:23 Framedragger phf: probably ~7 years ago, give or take; i predict what you're going to say: in 2009, he was already spewing too much nonsense
13:23 Framedragger before, he would try to keep his focus on lisp
13:24 Framedragger and he wrote that book, quite earlier than that
13:24 asciilifeform Framedragger: the man had two - entirely acceptable - school textbooks on common lisp, in 1990s.
13:24 Framedragger so it makes sense for someone who got acquainted with him earlier to regard him more highly
13:24 asciilifeform i have them here.
13:24 Framedragger (i may be mistaken about the actual number of years)
13:25 Framedragger asciilifeform: aha, right.
13:25 Framedragger s/to regard him/to have had regarded him/
13:31 phf i don't really think his message changed, it's just that he started talking about different things. there's the lisper period and then the hackernew/yc/startupschool period. i knew of him, because of the excellent On Lisp book, so i read hackers and painters when it came out, and read that dabblers and blowhards article when it came out, possibly because i thought that hackers and painters was awful (the book literally has low
13:31 phf fractional snr, and only because there's a few paragraphs about how they used clisp at yahoo stores)
13:32 Framedragger http://btcbase.org/log/2016-08-17#1523161 << you know, that's an apt characterization, and i think you're right re that second group of wanna-be anarchists; true, probably. and i am aware that tmsr regards bitcoin *quite* differently indeed, which manifests in the block size discussion etc. yeah.
13:32 a111 Logged on 2016-08-17 16:31 mircea_popescu: i perceive the following problem : in my (rightful) bashing of idiocies (allinged around "colored coins", "dao" etc, that jazz) i distinctly hear the crushed hopes of people who look at those as a refuge from something else, specifically. i suspect it's hwqat you call "anarchists"
13:33 Framedragger phf: ha - nice.
13:33 phf but when i made it to the first startup school, my reaction was "nerds trying to be businessmen, stick to doing nerd things". it took me many years to understand how their fundamental views made them not only suck at life, but also fucked up the computing.
13:43 asciilifeform http://www.cnbc.com/2016/08/16/banks-look-for-cheap-way-to-store-cash-piles-as-rates-go-negative.html << more lulz
13:44 asciilifeform 'After the European Central Bank's most recent rate cut in March, private-sector banks are paying what amounts to an annual levy of 0.4 per cent on most of the funds they keep at the eurozone's 19 national central banks. ... but private bankers and insurers are already thinking of creative ways to avoid those charges altogether. One way is by turning the electronic money they keep at central banks into cold, hard cash. Munich Re has
13:44 asciilifeform experimented successfully with storing a double-digit million sum of euros in cash at what the insurer describes as a manageable cost. A few other German banks, including Commerzbank, the country's second-biggest lender, have also considered taking the step. But when a Swiss pension fund attempted to withdraw a large sum of money from its bank in order to store it in a vault, the bank refused to provide the cash, according to local m
13:44 asciilifeform edia...'
~ 18 minutes ~
14:03 mircea_popescu http://btcbase.org/log/2016-08-17#1523127 << wasn't a star wars reference ; it was a concordat of worms reference. you know, with the guelphs ghibelines et all
14:03 a111 Logged on 2016-08-17 16:23 Framedragger: (also, ha, just saw the star wars parallel)
14:04 mircea_popescu http://btcbase.org/log/2016-08-17#1523262 << you mean eliza ?
14:04 a111 Logged on 2016-08-17 17:00 phf: right, it's sort of a more sophisticated version of alice bot
14:04 phf yes
14:04 mircea_popescu http://btcbase.org/log/2016-08-17#1523186 << btw speaking of this, you know about stephen the great's pants ?
14:04 a111 Logged on 2016-08-17 16:43 phf: mircea_popescu: in orcland, we have game, we put colored pants on people, and let them be our heroes. their pants distinguish their status in hierarchy
14:05 phf no, but i suspect it's a holly relic now
14:06 mircea_popescu this guy, legendary ro leader, fought something like 50 encounters with the turks, won over 90%. including you know, crazy shit with 1.x mn men on opposing side.
14:06 mircea_popescu so joke is, vornic comes to stephen, my lord, the turks are coming. "a lot ?" well... there's the vidin pasha with maybe 100k jannisary + etc
14:07 mircea_popescu "get my my red pants"
14:07 mircea_popescu but why the red ones majesty ? well... if i get hurt, the troops won't see the blood and won't lose heart.
14:07 mircea_popescu so they go, beat the turks back over danube, take trophies, build monastery, rape the nuns etc.
14:07 phf ahaha, sorry i got it
14:07 mircea_popescu next year, my lord, the turks are coming ? "a lot ?" well... suleiman himself, 1mn infantry, more horse than previously known to exist in the world, etc
14:07 mircea_popescu "bring my my brown pants"
14:08 trinque l0l!!
14:08 mircea_popescu >D
14:08 phf :D
14:08 phf proper voievod like, knows when to bleed and when to shit his pants
14:08 mircea_popescu aha.
14:10 asciilifeform sequel: ... the general puts on brown pants, epic battle, he shits pants, loses half of army, but - just barely - wins. but next years... 'sir, whole army of the turk is here.' .... 'bring my miniskirt.'
14:10 mircea_popescu lol
14:11 mircea_popescu actually, this guy died sovereign, over a rather enlarged moldavia (took mostly from poles, lithuanians etc). he left testamentarily that "listen to your old shepherd, deal with the turks ; unlike the russians, the turks keep their word"
14:13 mircea_popescu http://btcbase.org/log/2016-08-17#1523334 << the memory hole effect. un-fucking-washable, for some god forsaken reason.
14:13 a111 Logged on 2016-08-17 17:33 phf: but when i made it to the first startup school, my reaction was "nerds trying to be businessmen, stick to doing nerd things". it took me many years to understand how their fundamental views made them not only suck at life, but also fucked up the computing.
14:14 mircea_popescu http://btcbase.org/log/2016-08-17#1523293 << by the way, i don't think the implication of that discussion can't possibly be understated. for instance, it is a common etatist criticism of "what they call bitcoin" so really, tmsr, that "everyone running a business has an incentive to eventually run so eventually will" sort of thing.
14:14 a111 Logged on 2016-08-17 17:12 mircea_popescu: this is ~half of the usg "national security" plan, except they suck at both modelling and implementation.
14:15 mircea_popescu this point is valid, the only problem is that it mostly discusses THE STATE. yes, every fiat entity has the incentive to eventually pivot ; and they all do. the derps are currently insulated from this by the momentary happenstance that the thieves are in a compact, called "the state", and everyone left outside is well... not someone you'll hear about. because exactly of http://btcbase.org/log/2016-08-17#1523303 "entertainment
14:15 a111 Logged on 2016-08-17 17:13 phf: Framedragger: i was young and a bum, i recognized all these people because my entertainment machine would reinforce their presence for me. "oh jwz is talking. oh now it's ptacek. oh it's paul graham! squee". but they were always in a different category from say norvig or knuth or naggum. once i started doing and learning (i.e. painfully read knuth, rather than just have him on my shelf) i finally was able to grok the difference.
14:15 mircea_popescu machine".
14:17 mircea_popescu historically, it was ensured by exactly the same process that ensures you can find your goat in http://trilema.com/2012/anonimity-or-the-urban-versus-rural-dispute/ - which is to say low pop density and the necessary orcishness therein produced will "protect" you in the sense not having lasers protects you from shining them in your eyes.
14:17 mircea_popescu nobody in the time of voltaire had retina burns from laser watching.
14:17 mircea_popescu which brings us full circle to why exactly it is that universal butchery http://btcbase.org/log/2016-08-17#1523317 : by making fewer people you DO make the problem "go away" ; but you resolve naught.
14:17 a111 Logged on 2016-08-17 17:21 mircea_popescu: not that it's a novel, or worthy idea.
14:19 mircea_popescu so now back to the issue : we have some semblance of defense against what is in fact a universal problem ; they don't, and are in denial. as per the cannonical expression of this situation, http://trilema.com/2015/why-representative-democracy-doesnt-work-and-doesnt-make-sense/#selection-147.267-153.105
14:22 asciilifeform mircea_popescu: the 'split fuzzing', note, is how lizard folk approach virtually ~every~ problem - even the production of 'musicians' by disney, etc.
14:23 asciilifeform mass of chumps is modelled as idiot machine, that dun care that you had previously tried 999,999,999 wrong passwords, etc.
14:24 asciilifeform hence http://btcbase.org/log/2016-08-04#1514935 .
14:24 a111 Logged on 2016-08-04 19:59 mircea_popescu: but it's certainly quite deep. the vermin doesn't merely aim to a comfortable existence, but more importantly to a memory-less situation.
14:31 asciilifeform in other not-quite-noose, https://archive.is/gsdsL << summary of nsa turd. accurate per my own read.
14:42 mircea_popescu asciilifeform quite, yeah.
14:42 mircea_popescu river of meat fishin'.
14:43 mircea_popescu for my sins i ended up with split log situation
14:45 mircea_popescu asciilifeform need i quote at you btw ? "i will believe it when crown jewels leak" ? do you believe now ?
14:45 asciilifeform cisco garbage is not 'crown jewel' to asciilifeform .
14:45 asciilifeform this position has never changed.
14:46 mircea_popescu ...
14:46 asciilifeform 'crown jewel' is, at the very least, something nontrivial from cryptodirectorate.
14:46 mircea_popescu you will never believe.
14:46 asciilifeform i'll believe, when, e.g., the recipe for taking 100MB of aes ciphertext and distilling out the key, is posted.
14:47 asciilifeform or similar.
14:47 asciilifeform i even believe in the authenticity of the cisco crud, it is simply not esp. interesting
14:47 asciilifeform (and certainly not interesting enough to disclaim 'hangout' hypothesis.)
14:47 mircea_popescu a) there is no dispute from you that this was actually their shit ; b) apparently so much is available some of actually their shit can be freely distributed, in gb sized portions.
14:47 asciilifeform ~none of the affected systems are in use today outside of the most godforsaken orclands.
14:47 mircea_popescu these you somehow transform into i have nfi what, but the fact remains : whether the cock went through the cervix into the uter or not,
14:47 mircea_popescu this is no virgin.
14:48 asciilifeform none of it is even 'heartbleed'-grade.
14:48 mircea_popescu "i'm gonna rape you" "i dun believe" *rapes her* "tee hee, my filling is stil lattached to this cavity"
14:48 asciilifeform lel
14:49 asciilifeform if boeck had posted same pile, mircea_popescu would immediately recognize it as 'burning old holes'
14:49 asciilifeform which - imho - it very likely is.
14:49 mircea_popescu anyway, operation SHITTYNAMES
14:50 mircea_popescu asciilifeform lol, what, you mean they moved from py ? to what, ada ?
14:50 asciilifeform who/where
14:51 mircea_popescu their exploit library was also "burned" in the pyre.
14:51 mircea_popescu "fosho"
14:51 asciilifeform well, the ciscolade etc. is particular to 7+ y.o. fw.
14:52 mircea_popescu asciilifeform people stopped buying new cisco cca 2012 anyway.
14:52 asciilifeform in most of the samples, the actual exploit used to get control of the box is not stated, quite likely it consisted of 'interdict the parcel'.
14:52 mircea_popescu what, cookie overflow, ifconfig bug, plenty in there.
14:53 asciilifeform there were a few.
14:54 mircea_popescu anyway.
14:54 mircea_popescu funny shit where the files usg stole from sr are supposedly being sold for x unless they were actually stolen first by freelancing agents etc ; whereas the files ? stole from usg are being sold for 100x.
14:55 asciilifeform ( the thing that is not clear to me is what part of this leak prevents even a single parcel from being intercepted, with old ~or~ new cisco rubbish in it, and patched to admit the cock, supposing any of these devices even ~need~ such treatment, given that the master keys are escrowed already )
14:56 asciilifeform mircea_popescu: dunno that 'send a non-refundable bid, and oh also price is 1 MIL BTC' counts as 'for sale', more of elaborate gag
14:56 asciilifeform ;;balance 19BY2XCgbDe6WtTVbTyzM9eR3LYr6VitWK
14:56 gribble 1.64237
14:56 asciilifeform l0l!
14:56 mircea_popescu right. not how hanno bock'd do it.
14:57 asciilifeform more how wright would do it.
14:57 mircea_popescu possibru.
14:58 asciilifeform (not quite relatedly, why was gribble able to answer the 'balance' question so quickly ?)
14:59 mircea_popescu no idea
14:59 mircea_popescu how long should it take ?
15:00 mircea_popescu asciilifeform pretty lulzy how butthurt they are at the fact bitcoin raped them, though.
15:01 mircea_popescu The auction “is a joke,” Weaver said. “It’s designed to distract. It’s total nonsense.” He said that “bitcoin is so traceable that a Doctor Evil scheme of laundering $1 million, let alone $500 million, is frankly lunacy.”
15:01 mircea_popescu “The stuff they have there is super-duper interesting, but it is by far not the most interesting stuff in the tool set,” he said. “If you had the rest of it, you’d be leading off with that, because you’d be commanding a much higher rate.” << yeah... and then... SELL ADVERTISING.
15:01 mircea_popescu idiots.
15:01 mircea_popescu anyway.
15:02 mircea_popescu empire not doin' so hawt these days.
~ 17 minutes ~
15:19 PeterL http://btcbase.org/log/2016-08-17#1523211 << seeing phuctor breaking things caused me to get off my ass and take the couple minutes to generate a bigger key
15:19 a111 Logged on 2016-08-17 16:50 asciilifeform: Framedragger: phuctor has very little to do with curing particular lepers.
15:19 mircea_popescu self-cure.
15:20 asciilifeform not to raid on the parade, but must point out, phuctor is not a collection of peculiarly-small keyz...
15:21 trinque hail mary, full of grace...
15:21 PeterL what was the biggest it did so far?
15:22 asciilifeform PeterL: http://btcbase.org/log/2016-08-11#1518347
15:22 a111 Logged on 2016-08-11 16:07 asciilifeform: champ : 126044733741731328742413066718552314382419228167112456334027928884317367999330241024168451126326383475145520025295451544372438227070210798265767098934250820341305937931860061514790268968891523470454082874208728274680634763462042122485524526243688604432591998753006364684812749745538152702859571396997177876337
15:22 mircea_popescu largest factor iirc 300ish digits ~ 1k bits.
15:23 PeterL my old key was 1024, I think
15:23 asciilifeform mircea_popescu: correct. as seen above.
15:24 asciilifeform incidentally it is the khadeer & co. modulus.
15:24 asciilifeform the one where (NextPrime(2^1023))^2.
15:27 asciilifeform not to be confused with 'longest modulus for which we have a factor'
15:27 asciilifeform which, iirc, was 16384-bit.
15:28 asciilifeform ('flipolade' can contain arbitrarily short, or long, factors, in any quantity)
15:28 Framedragger asciilifeform: obtw, did the breaking of that khadeer modulus come from you implementing the "check (NextPrime(2^1023))^2" heuristic? 'cause that's bound to yield some new results!
15:29 asciilifeform Framedragger: we have fermat test.
15:29 asciilifeform which picks up any mod where the factors are obscenely close together.
15:29 asciilifeform (e.g., the degenerate case, perfect square, as above.)
15:30 asciilifeform will also pick up q == nextprime(p), say.
15:30 asciilifeform some time next we will have pollard's test.
15:30 asciilifeform betcha it will pop a few moar.
15:31 asciilifeform theoretically any ~inexpensive~ attack, such that i can do it against the whole collection of mods, is fair game.
15:32 asciilifeform if a new one is discovered tomorrow - i will consider it, also.
15:33 asciilifeform the cockroaches assumed, lived entire life, that no one will ever turn over the rocks.
15:33 asciilifeform we - turn them over.
15:34 asciilifeform expect to see moar butthurt scampering a la boeck et al.
15:36 asciilifeform http://btcbase.org/log/2016-08-17#1523442 << actually this is wrong,
15:36 a111 Logged on 2016-08-17 19:24 asciilifeform: incidentally it is the khadeer & co. modulus.
15:36 asciilifeform it is not the khadeer modulus, but the 'xss attack' one.
15:36 asciilifeform found on same day.
15:36 asciilifeform via fermat probe.
15:36 asciilifeform fwiw.
15:37 asciilifeform http://phuctor.nosuchlabs.com/gpgkey/614469D3EF6BF58C797FFD118727304F76F2C921CF1C3419CBF99AFAF8E7A225 << it.
15:38 asciilifeform http://btcbase.org/log/2016-08-17#1523424 << at least a minute ?
15:38 a111 Logged on 2016-08-17 18:59 mircea_popescu: how long should it take ?
15:39 asciilifeform ;;bc,stats
15:39 gribble Current Blocks: 425627 | Current Difficulty: 2.1737548275723764E11 | Next Difficulty At Block: 427391 | Next Difficulty In: 1764 blocks | Next Difficulty In About: 2 weeks, 1 day, 1 hour, 50 minutes, and 46 seconds | Next Difficulty Estimate: None | Estimated Percent Change: None
15:40 Framedragger asciilifeform: ahh, ok. much thanks for elucidation
15:40 asciilifeform there are ~100+G of blocks now.
15:40 asciilifeform how long to walk 100G ?
15:40 asciilifeform (anyone have link to gribble src ? does it keep the 100+G in ram?!)
15:40 Framedragger (..ssd would probably speed things up, just to reiterate..)
15:40 asciilifeform Framedragger: how long does it take to grep a 100G file on your system ?
15:41 asciilifeform or even to simply load it into ram
15:41 Framedragger asciilifeform: grep is amazingly fast because it does it in a smart way (you prolly know). i can give some number but i expect the q is rhetorical (i.e.: it's fast) :)
15:42 Framedragger (re. grep, https://lists.freebsd.org/pipermail/freebsd-current/2010-August/019310.html << just for the logz)
15:42 Framedragger so yeah, fair enough, it's fast
15:44 phf it's the same technique that log uses to search entries, but i lose becase individual chunks of text are not necessarily sequential or localized by page. asciilifeform's for question though is about the fact that simply picking up 100G, page by page, from disk into ram, is expensive
15:47 Framedragger phf: (nice re log search) aha ok.
15:49 phf (of course log wins over grep in total time, because message are already all in ram)
15:54 Framedragger asciilifeform: (14.3s to grep thru 3gb file fwiw)
16:09 asciilifeform sooo either gribble (or whatever service is cribs from) did not actually chug through 100G, or the number is approximate ('in last n blocks...'), or.
16:09 asciilifeform *it cribs
16:10 asciilifeform ;;balance 1XPTgDRhN8RFnzniWCddobD9iKZatrvH4
16:10 gribble 0.0001
16:11 asciilifeform ^ maybe bad example, it is also famous addr
16:11 asciilifeform so potentially cached.
16:11 asciilifeform anyone got an obscure one that last saw tx years ago ?
16:12 PeterL ;;balance 12c6DSiU4Rq3P4ZxziKxzrL5LmMBrzjrJX
16:12 gribble 50.039475
16:13 PeterL or does that not count as obscure?
16:13 asciilifeform anyone know from where gribble pipes ?
16:13 asciilifeform ..mircea_popescu ?
16:14 * danielpbarron guesses it's some bc.info api
16:14 asciilifeform it isn't, granted, impossible to optimize this lookup with pre-index
16:14 asciilifeform but it would be interesting to learn how it was done.
16:24 asciilifeform in other definitely-not-news, https://accu.org/index.php/journals/1898
16:24 asciilifeform ^ possibly for mircea_popescu et al.
16:25 asciilifeform actually nm.
16:25 asciilifeform snore.
16:26 asciilifeform http://esamultimedia.esa.int/docs/esa-x-1819eng.pdf << actual detailed account, unfortunately scanned n-th generation xerox in pdf.
16:41 asciilifeform ;;balance 1DskTjGvWh5KVbiqnb3vvRFyEmCen1UNzL
16:41 gribble 0
16:41 asciilifeform that was certainly quick.
16:42 asciilifeform ( probably there is a 'last seen' addr-to-blockidx hash table, so we get something like O(n log n) lookup. )
16:43 asciilifeform this would be a handy (optional) item to have in trb.
16:43 asciilifeform would readily abolish the idiocy with 'wallet watch' mechanism etc.
16:44 asciilifeform multi-GB data structure though, you would not want it on every node.
~ 31 minutes ~
17:15 BingoBoingo http://btcbase.org/log/2016-08-17#1523264 << Trilema the blog already epic self help cyclopedia.
17:15 a111 Logged on 2016-08-17 17:02 mircea_popescu: #trilema, will rape your mind into a new shape.
17:26 asciilifeform ;;later tell mircea_popescu https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html << lel
17:26 gribble The operation succeeded.
17:27 asciilifeform '...bug in the mixing functions of Libgcrypt's random number generator: An attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output. This bug exists since 1998 in all GnuPG and Libgcrypt versions.'
17:30 phf i believe, that there's a man, somewhere in the bowels of meta-nsa, who can see the entire puzzle picture
17:30 phf stuxnet propagation strategy style..
17:31 asciilifeform phf: do you find it interesting that the particular patch is posted nowhere ?
17:32 asciilifeform and koch wants people to download ~entire tarball~ of src and rebuild ?
17:32 asciilifeform i find it interesting.
17:35 asciilifeform https://security-tracker.debian.org/tracker/CVE-2016-6313 << ok, click on patches at the bottom, then 'diff', yields the diffs.
17:35 asciilifeform http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commitdiff;h=c6dbfe89903d0c8191cf50ecf1abb3c8458b427a;hp=e23eec8c9a602eee0a09851a54db0f5d611f125c
17:36 asciilifeform e.g., https://archive.is/lYEB5 .
17:37 asciilifeform who can tell me the author of the ORIGINAL routine ?
17:39 asciilifeform 'exec summary' for mircea_popescu et al: all gpg keys ever generated have at most 2048 bits of effective entropy.
17:41 phf 98, that must be the man himself?
17:42 asciilifeform must be. unless there are authors not listed in https://www.gnupg.org/people/index.html .
17:44 BingoBoingo asciilifeform: Please to qntra?
17:44 mircea_popescu asciilifeform aha.
17:45 asciilifeform during my audit of the rng routine, i barfed at the whitening and stopped reading.
17:45 asciilifeform fwiw.
17:45 asciilifeform BingoBoingo: i will write it. brb.
17:45 BingoBoingo ty
17:45 mircea_popescu good idea.
17:48 mircea_popescu http://btcbase.org/log/2016-08-17#1523472 << afaik it just imports the blockchain.info version.
17:48 a111 Logged on 2016-08-17 19:40 asciilifeform: how long to walk 100G ?
17:48 mircea_popescu http://btcbase.org/log/2016-08-17#1523477 << believe it or not the grep trick was dissected in logs at length!
17:48 a111 Logged on 2016-08-17 19:41 Framedragger: asciilifeform: grep is amazingly fast because it does it in a smart way (you prolly know). i can give some number but i expect the q is rhetorical (i.e.: it's fast) :)
17:50 mircea_popescu http://btcbase.org/log/2016-08-17#1523509 << afaik trinque is making a wallet :)
17:50 a111 Logged on 2016-08-17 20:43 asciilifeform: would readily abolish the idiocy with 'wallet watch' mechanism etc.
17:52 mircea_popescu http://btcbase.org/log/2016-08-17#1523516 << i don't.
17:52 a111 Logged on 2016-08-17 21:30 phf: i believe, that there's a man, somewhere in the bowels of meta-nsa, who can see the entire puzzle picture
17:52 phf i know, i know, that's an ongoing mp vs ascii dialog
17:52 mircea_popescu http://btcbase.org/log/2016-08-17#1523525 << zimmerman.
17:52 a111 Logged on 2016-08-17 21:39 asciilifeform: 'exec summary' for mircea_popescu et al: all gpg keys ever generated have at most 2048 bits of effective entropy.
17:53 asciilifeform afaik koch didn't use zimmerman's code.
17:53 asciilifeform at least, not admittedly.
17:53 mircea_popescu i dunno about that.
17:53 trinque mircea_popescu: yep, whole point of perfecting the botworks layer by layer
17:53 mircea_popescu aha.
17:56 mircea_popescu asciilifeform the incredible gall of the imbecile, to actually state it as "This bug does not affect the default generation of keys"
17:58 mircea_popescu asciilifeform also ftr that loop is now how you'd do it.
~ 16 minutes ~
18:15 danielpbarron http://btcbase.org/log/2016-08-16#1522544 << related : http://pre14.deviantart.net/3f15/th/pre/i/2012/233/8/1/2012_aircraft_pool_party___complete_by_wsache007-d5bx09w.png
18:15 a111 Logged on 2016-08-16 18:31 mircea_popescu pictures woman flying around with tip of boeing in her snatch, "YES! YES! HARDER!" for a visual.
18:16 asciilifeform BingoBoingo: almost done
18:16 BingoBoingo cool
18:16 BingoBoingo Qntra thanks you for your sexpertise in this matter.
18:20 shinohai greetings #trilema
18:22 asciilifeform $up judywatson
18:22 deedbot judywatson voiced for 30 minutes.
18:24 asciilifeform BingoBoingo: http://wotpaste.cascadianhacker.com/pastes/504e4c41-45db-4774-89bf-447b0269f5c9/?raw=true
18:25 asciilifeform BingoBoingo: 'at time' ought to be 'at times'
18:27 judywatson Exenmy
18:27 judywatson hola mircea_popescu tengas tiempo para mis tetas?
18:29 asciilifeform BingoBoingo: hold off on publication, i'ma revise a bit.
18:29 phf hold the presses!
18:31 * shinohai eagerly awaits asciilifeform publication
18:32 * shinohai also eagerly awaits mircea_popescu for tonite's offering
~ 15 minutes ~
18:47 asciilifeform BingoBoingo: http://wotpaste.cascadianhacker.com/pastes/365ec022-3b92-4388-ba01-9d92115b8f50/?raw=true << now.
18:55 BingoBoingo Is that the revision?
18:55 asciilifeform yes.
18:55 asciilifeform fire at will.
18:55 BingoBoingo k
18:56 asciilifeform there is a missing http:// in the phuctor link.
18:56 asciilifeform everything else ok.
19:02 BingoBoingo up
19:04 deedbot http://qntra.net/2016/08/rng-whitening-bug-weakened-all-versions-of-gpg/ << Qntra - RNG Whitening Bug Weakened All Versions of GPG
19:08 shinohai $up judywatson
19:08 deedbot judywatson voiced for 30 minutes.
19:09 shinohai sorry judywatson mircea_popescu must be out again
~ 16 minutes ~
19:25 BingoBoingo Lateral move http://www.nydailynews.com/new-york/tells-story-nypd-overcoming-crack-dealer-article-1.2645280
19:33 mircea_popescu judywatson ok. b58fe7aa por favor.
19:34 mircea_popescu asciilifeform wtf is that!
19:34 mircea_popescu o i mean danielpbarron not asciilifeform
19:35 mircea_popescu shinohai why is judy watson speaking spanish anyway
19:35 shinohai stage name?
19:36 mircea_popescu i c
19:36 mod6 <@deedbot> http://qntra.net/2016/08/rng-whitening-bug-weakened-all-versions-of-gpg/ << Qntra - RNG Whitening Bug Weakened All Versions of GPG << f.
19:38 BingoBoingo f. what mod6?
19:38 BingoBoingo $up judywatson
19:38 deedbot judywatson voiced for 30 minutes.
19:41 BingoBoingo https://www.reddit.com/r/netsec/comments/4y8xo1/rng_whitening_bug_weakens_gpg/ << try to browse to
19:47 mod6 <+asciilifeform> https://security-tracker.debian.org/tracker/CVE-2016-6313 << ok, click on patches at the bottom, then 'diff', yields the diffs. << werd. thx. i had to resort to cloning the gnupg gitrepo and doing diffs.
19:51 mircea_popescu BingoBoingo aww qntra ate my ol/li spacing in comment.
19:52 BingoBoingo comment field eats lots of things and then shits.
19:52 mircea_popescu aha
19:53 BingoBoingo fixing seems as though it would require mucking up phphhphphphp
19:54 mircea_popescu you can specify what tags to allow in comments in settings.
19:54 mircea_popescu at least in mp-wp :p
19:54 judywatson http://i.imgur.com/lxWg8Uh.png?1
19:56 shinohai mircea_popescu: she said does it count or can you see the letters?
19:56 mircea_popescu works. addy ?
19:57 judywatson 14Y8cfUZ56PvZC8R7u2QCNfojvRtxcdSff
19:58 mircea_popescu aite a sec
19:58 shinohai kk
20:00 shinohai judywatson: dijo el solo un momento
20:01 judywatson amor te agradezco por todo
20:01 judywatson amor te agradezco por todo
20:01 judywatson te doy las gracias por todo
20:01 shinohai de nada
20:04 shinohai thank you for choosing #trilema for your bits for tits needs.
20:10 mod6 <+shinohai> thank you for choosing #trilema for your bits for tits needs. << :D
20:11 mircea_popescu lol
20:11 mod6 <+mircea_popescu> asciilifeform the incredible gall of the imbecile, to actually state it as "This bug does not affect the default generation of keys" << i mean srsly. since 1998!?
20:11 shinohai I could totally make a bidness out of this. Branding!
20:18 deedbot http://www.contravex.com/2016/08/17/the-road-to-the-future-is-paved-with-gravel/ << » Contravex: A blog by Pete Dushenski - The road to the future is paved with gravel.
20:28 asciilifeform ;;later tell mircea_popescu http://qntra.net/2016/08/rng-whitening-bug-weakened-all-versions-of-gpg/#comment-67543
20:28 gribble The operation succeeded.
20:29 mircea_popescu incidentally, this is a point that should be reviewed. is it the case that EACH 600 bytes lose 20, or is it the case that ALL bytes past the 580th are gone ?
20:32 asciilifeform BLOCKLEN==64. DIGESTLEN==20 (working length of the retarded 'patent-free!11111' ripemd hash).
20:32 mircea_popescu yeah wtf ripemd
20:33 asciilifeform eh dafuq am i doing, http://wotpaste.cascadianhacker.com/pastes/522b89a1-b759-40c4-9c04-56bd9316323f/?raw=true
20:33 asciilifeform ^ from mircea_popescu's vintage canned preserve pgp 1.4.10.
20:35 mircea_popescu 30 blocks of 64
20:35 asciilifeform nope
20:35 asciilifeform 30 * 20.
20:35 asciilifeform is the - derived via arse magic - fixed size of the pool.
20:36 asciilifeform (why a pool? why whiten at all? ask koch.)
20:36 mod6 https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html << wtf. this guy doesn't clearsign these emails
20:37 mod6 any one able to get their hands on: "URL: </pipermail/attachments/20160817/9a9f4612/attachment.sig>" ?
20:37 asciilifeform not i.
20:37 mod6 and SHA1 checksums? wtf is this, the 90s?
20:38 asciilifeform mod6: all pgptrons live and die by sha1.
20:38 mod6 i had to hand crank mine up to 512
20:38 asciilifeform this is one of the more egregious festering sores
20:38 asciilifeform mod6: the fp calculation is not adjustable.
20:38 asciilifeform and so all you need to forge a signature is a sha1 collision.
20:38 asciilifeform (when generating ~key~ with which to sign)
20:39 mod6 well, that open-sore yeah.
20:39 asciilifeform this is in the l0gz on several occasions
20:39 mod6 oh yeah
20:39 asciilifeform most recently during the 'linus shortid' thread.
20:39 mod6 we've talked about that a bunch. shit, we even looked at trying to fix it at one time iirc.
20:39 asciilifeform it isn't fixable while conforming to the rfc.
20:39 asciilifeform granted this is not a 'real' forgery because folks with a copy of genuine key are untouchable by it.
20:39 asciilifeform nevertheless.
20:40 asciilifeform folks who only have mircea_popescu's business card - are.
20:40 asciilifeform touchable.
20:40 mod6 <+asciilifeform> it isn't fixable while conforming to the rfc. << ah right. ugh.
20:41 deedbot http://trilema.com/2016/werner-koch-confirmed-usg-stooge/ << Trilema - Werner Koch, confirmed USG stooge
20:41 mod6 <+asciilifeform> folks who only have mircea_popescu's business card - are. << ah, i see what you're sayin'
20:42 asciilifeform know who else ?
20:42 asciilifeform https://bitcoin.org/en/alert/2016-08-17-binary-safety << them. apparently.
20:42 asciilifeform 'Bitcoin.org has reason to suspect that the binaries for the upcoming Bitcoin Core release will likely be targeted by state sponsored attackers. As a website, Bitcoin.org does not have the necessary technical resources to guarantee that we can defend ourselves ...blahblah... The hashes of Bitcoin Core binaries are cryptographically signed with this key. We strongly recommend that you download that key, which should have a fingerprint
20:42 asciilifeform of 01EA5486DE18A882D4C2684590C8019E36C2E964.'
20:43 asciilifeform mircea_popescu: 'the spirochetes are there waiting' << win.
20:47 shinohai bwahahahaha
20:52 mod6 <@deedbot> http://trilema.com/2016/werner-koch-confirmed-usg-stooge/ << Trilema - Werner Koch, confirmed USG stooge << mod this shit up
20:56 mod6 just threw this out to the unwashed ^
20:59 mircea_popescu only win because it's true.
21:00 mod6 :]
21:00 mircea_popescu fuckign shithead, there he sits, going to himself "oh look, these kids are closing in on me, let me say publicly that it's "probably a software bug / cosmic ray".
21:00 mircea_popescu no fucking integrity, no fucking shame, nothing, just zombified walkers.
21:02 mod6 "Some guy
21:02 mod6 downloaded most RSA keys from a keyserver and tried to factor 1.9
21:02 mod6 million moduli"
21:02 asciilifeform nobody, of course, ever heard of any such preposterous thing ?
21:02 mircea_popescu mod6 because whatever inept handler was passing them the talking points didn't even have the modicum of know-your-bizness to get the actual number.
21:03 mircea_popescu then they mysteriously kept copy/pasting the wrong digits off each other and i'm supposed to what, look the other way ?
21:03 mircea_popescu shitheads.
21:03 mod6 ^
21:03 mircea_popescu asciilifeform no that was a mythical "some other guy" in "the past"
21:03 asciilifeform evidently.
21:04 asciilifeform 'lomg, long time ago, in galaxy far, far away'
21:04 mircea_popescu it was all published in "i can't believe it's not a journal"
21:05 mod6 "the PGP team at Symantec" << lel!
21:05 asciilifeform mod6: iirc they own the original zimmerman pgp.
21:05 asciilifeform for some years.
21:05 asciilifeform or what's left of it, anyway.
21:05 mircea_popescu myeah.
21:06 asciilifeform their main function was, iirc, to curate the openpgp working group, to make sure rfc stays replete with braindamage.
21:06 mircea_popescu more's the point here : does that pos actually work so as to get any entropy past the 600 bytes pool ?
21:07 asciilifeform from my current reading, first 20 of every 600 is fixed, for the duration of entire run of process.
21:08 mircea_popescu situation : you go to make key with stock gpg, set it to 4096, ie 512 bytes. it makes you the sign key with 512 entropy bytes, then makes you the encrypt key wirth the remainder 68, and that's it.
21:08 mircea_popescu seems prepasterous in that such narrow space'd have been evident by now
21:08 mircea_popescu but...
21:09 mircea_popescu asciilifeform also importantly, is it the first 20 or the last 20 ? he's claiming the last 20.
21:09 asciilifeform mircea_popescu: it would not be evident.
21:09 mircea_popescu whitening eh.
21:09 asciilifeform mircea_popescu: remember, the ~initial~ contents of the pool are entropic (at least in as far as the os provides)
21:09 asciilifeform the correlant is the FIRST key generated (i.e. primary key)
21:09 asciilifeform (to the subkeys.)
21:11 mircea_popescu anyway, seems proper tmsr-rsa will have to come sooner rather than later.
21:14 mod6 indeed. and thank goodness for that.
21:19 mircea_popescu also, i had never read that dabblers and blowhards essay before, but good god is graham unfucking bearable AND ALSO remarkably undistinguishable from every other foss idiot, from o reilly to who have you, if distilled like that.
21:19 asciilifeform mircea_popescu: upon reflection, there may exist also a mathematical relationship which allows BOTH mods to be broken.
21:19 mircea_popescu oil painting replaced tempera in 1400 ? hoily shit what.
21:19 mircea_popescu asciilifeform there is more to this yes/
21:24 mircea_popescu this gotta be in the logs :
21:24 mircea_popescu " In Paul Graham's world, as soon as oil paint was invented, painting techniques made a discontinuous jump from the fifteenth to the twentienth century, fortuitously allowing Renaissance painters to paint a lot like Paul Graham. And the difficult problems the new medium supposedly helped painters solve just happened to resemble the painting problems that confront an enthusiastic but not particularly talented art student. I ho
21:24 mircea_popescu pe I am not the only to find this highly suspicious.
21:24 mircea_popescu I blame Eric Raymond and to a lesser extent Dave Winer for bringing this kind of schlock writing onto the Internet. Raymond is the original perpetrator of the "what is a hacker?" essay, in which you quickly begin to understand that a hacker is someone who resembles Eric Raymond. Dave Winer has recently and mercifully moved his essays off to audio, but you can still hear him snorfling cashew nuts and talking at length about wh
21:24 mircea_popescu at it means to be a blogger[7] . These essays and this writing style are tempting to people outside the subculture at hand because of their engaging personal tone and idiosyncratic, insider's view. But after a while, you begin to notice that all the essays are an elaborate set of mirrors set up to reflect different facets of the author, in a big distributed act of participatory narcissism. "
21:24 mircea_popescu i couldn't have said it better myself.
21:24 * asciilifeform is cooking up a little experiment.
21:25 * mod6 is looking at mix_pool by hand
21:33 asciilifeform aaah did i ever mention that gcc 5.x won't build gpg 1.4.x ??
21:33 asciilifeform well now i did.
21:35 mod6 heh 'mix_poo'
21:36 mircea_popescu heh
21:41 asciilifeform holy shit
21:41 mircea_popescu yeees ?
21:41 asciilifeform holy mother of shit.
21:42 asciilifeform folks yer gonna have to take this road cone in, a few mm at a time.
21:42 asciilifeform i promise, it will hurt.
21:42 asciilifeform when it fully goes in.
21:42 asciilifeform but slow is better, less tearing.
21:42 mircea_popescu the things you're an expert on ...
21:42 asciilifeform first, you will need mircea_popescu's gnupg-1.4.10.tar.gz.
21:43 asciilifeform sha512==d037041d2e6882fd3b999500b5a7b42be2c224836afc358e1f8a2465c1b74473d518f185b7c324b2c8dec4ffb70e9e34a03c94d1a54cc55d297f40c9745f6e1b
21:43 asciilifeform after this, you will need http://wotpaste.cascadianhacker.com/pastes/e63a6d1f-5f34-4be4-9e9f-0226dc8b8de2/?raw=true
21:44 asciilifeform it is quicker to throw in the extra 'hexdump' line by hand, than to get the patch ducks in a row, imho.
21:44 BingoBoingo Do we break pinky for anesthetic value now or later
21:44 asciilifeform then, build.
21:44 asciilifeform now folks get in some lube, you will need it:
21:45 asciilifeform http://wotpaste.cascadianhacker.com/pastes/51515493-1d40-446b-99d0-932642d8b90d/?raw=true << sample output.
21:45 asciilifeform for 2048-bit key.
21:45 asciilifeform do i need to keep going, draw a picture ?
21:46 mircea_popescu ie, mostly 0s
21:46 asciilifeform aha.
21:46 asciilifeform and this isn't even the koch scenario.
21:46 mircea_popescu such entropy.
21:46 * asciilifeform brb, phood
21:47 * mod6 builds
21:54 mod6 http://wotpaste.cascadianhacker.com/pastes/4381e490-0696-47ae-8799-7fb27724a99c/?raw=true
21:55 mod6 much fail
21:56 mircea_popescu im cooking it.
22:03 mircea_popescu hm where the fuck does it spit the binary after all ?
22:03 mircea_popescu "g10" mkay. sheesh.
22:03 mod6 into g10
22:03 mod6 yup
22:04 asciilifeform see my paste.
22:04 asciilifeform it has path.
22:04 mircea_popescu aite, cooking a key.
22:05 mircea_popescu asciilifeform plox to qntra.
22:06 mircea_popescu oya.
22:07 mircea_popescu asciilifeform actually - seems it's just slowly populating it ?
22:08 mircea_popescu jesus mother of holy shit, two different problems.
22:11 asciilifeform mircea_popescu: N problems.
22:11 mircea_popescu asciilifeform http://trilema.com/2016/werner-koch-confirmed-usg-stooge/ << admire the FF FF pairs, among other things.
22:11 asciilifeform if somebody wants to replicate on gpg 2.x, plox.
22:11 mircea_popescu turns out EVERYTHING phuctor found comes straight from usg.koch
22:12 asciilifeform more or less.
22:13 mircea_popescu epic.
22:13 mircea_popescu so basically... the best key produced by stock gpg is... wait for it... about 700 or so bits strong.
22:13 mircea_popescu hurr.
22:13 BingoBoingo ;;later tell pete_dushenski everything a person needs to know about dating can be found on Trilema
22:13 gribble The operation succeeded.
22:13 asciilifeform no this is optimistic mircea_popescu .
22:14 asciilifeform the more known bits in modulus, the easier to reconstruct whole thing.
22:14 mircea_popescu i'm an optimistic kinda guy.
22:15 asciilifeform at AT MOST 0.27 of the total, the rape is polynomial.
22:16 BingoBoingo So is S.NSA going to have a line item expense for alf.dope this month?
22:16 asciilifeform (the bound may conceivably be lower)
22:16 mircea_popescu lol
22:17 asciilifeform dunno what kind of dope is even called on such occasion.
22:18 * asciilifeform pictures boeck, poor idiot, waking up at 4 in the morning, called to do his dooooty
22:18 BingoBoingo Cheap vodka will prolly be fine. You're on an accelerated schedule now. Prolly it bottom next week and begin rehabbing by Sept 1st.
22:25 asciilifeform observe how primary key is always WEAKEST.
22:26 mircea_popescu aha.
22:27 mircea_popescu asciilifeform incidentally their dumbass "manual" https://gnupg.org/documentation/manuals/gcrypt/Prime_002dNumber_002dGenerator-Subsystem-Architecture.html references /cipher/ which is gone in 2.0 trunk
22:27 mircea_popescu and you should see keygen.c THERE
22:28 asciilifeform mircea_popescu: if you built it, post the dump plox.
22:28 mircea_popescu i'm still untangling wtf it does to get primes.
22:28 mircea_popescu entirely undocumented bullshit.
22:30 asciilifeform gpg 2.x uses gcrypt lib.
22:30 asciilifeform so the lunacy isn't even CONTAINED in it
22:31 mircea_popescu "put the key into an S-expression"
22:31 asciilifeform but in gcrypt.
22:31 mircea_popescu ah that's what it was huh. standardization of diddling.
22:31 asciilifeform aha.
22:31 BingoBoingo $b 2
22:32 asciilifeform in libgcrypt, the thing is in cipher/primegen.c
22:33 asciilifeform put the hex dump RIGHT AFTER the 'mpi_set_bit(prime,0)' idiocy
22:33 asciilifeform just like in gpg 1.4.10.
22:33 asciilifeform gentlemen, start yer engines.
22:34 mircea_popescu there is no cipher/primegen.c in 2.0 ?
22:34 asciilifeform again it isn't in gpg !
22:34 asciilifeform it is in libgcrypt
22:34 asciilifeform the copy i happen to have pulled from my arse at this moment is 1.5.1.
22:34 mircea_popescu 2.8mb holy fuck already
22:34 asciilifeform aha.
22:34 BingoBoingo <asciilifeform> observe how primary key is always WEAKEST. << But pinoy insists opposite-day <asciilifeform> observe how primary key is always WEAKEST.
22:34 mircea_popescu im going to try 1.7.3
22:34 BingoBoingo https://www.reddit.com/r/security/comments/4y8w7s/rng_whitening_bug_weakened_all_versions_of_gpg/
22:35 BingoBoingo ^ Where pinoy insists opposite
22:35 asciilifeform BingoBoingo: i'm not even bothering with that crapolade nao.
22:36 BingoBoingo asciilifeform: Good. You accepted Step 1. You are powerless over social media and all it does it eat your time.
22:36 BingoBoingo And makes your life unmanageable etc...
22:36 asciilifeform approx.
22:36 mircea_popescu asciilifeform does building gpg build libgcrypt auto ?
22:36 asciilifeform nope.
22:36 asciilifeform you gotta build libgcrypt and then tell gpg's ./configure where to find it
22:37 asciilifeform ./configure --with-libgcrypt-prefix /where/you/put/it
22:37 mircea_popescu aite.
22:38 asciilifeform (grep 'configure' for 'with-libgcrypt', see how many other crud libs it demands...)
22:38 mircea_popescu ~/gpg-2.0.30/libgcrypt-1.7.3$ make
22:38 mircea_popescu make: *** No targets specified and no makefile found. Stop.
22:38 mircea_popescu yet the makefile is right there ?!
22:38 asciilifeform didja ./configure it ?
22:38 mircea_popescu yeah
22:39 asciilifeform libgcrypt, i mean
22:39 mircea_popescu oh shit. configure: error: libgpg-error is needed.
22:39 mircea_popescu what the fuck is wrong with these people!
22:39 asciilifeform if no makefile, it didn't get ./configure'd.
22:39 asciilifeform aha
22:39 mircea_popescu is it going to walk me one by one through the entire list of loserdom, lib"assuan" and whatnot ?
22:40 asciilifeform fastest way to get all the deps is to simply grab a sacrificial (e.g., 'african') box and let it install gpg2
22:40 asciilifeform then build the new gpg2 as described here.
22:40 asciilifeform it will pull the deps you didn't tell ./configure about from the various pestholes they normally end up in.
22:44 mircea_popescu fucking nightmare. so the lib-error shit compiled, but obviously ./configure --with-libgpg-error-prefix="/home/mircea/gpg-2.0.30/libgpg-error-1.24/" does nothing, with or without quotes
22:44 asciilifeform nonononono
22:44 asciilifeform you want this only when building gpg.
22:45 mircea_popescu how do i build libgcrypt then ?
22:45 asciilifeform and it'll look like ./configure --with-libgpg-error-prefix="/home/mircea/libgcrypt-something
22:45 asciilifeform "
22:45 asciilifeform build gcrypt normally other than the added hexdump line.
22:45 asciilifeform ./configure
22:45 asciilifeform make
22:45 asciilifeform .
22:45 mircea_popescu it dies becausde needs lib-error
22:45 mircea_popescu you don't properly appreciate the chain of braindamage.
22:45 mircea_popescu they made dependencies like 1->2->3
22:46 asciilifeform which is why 'let heathen box pull the binary deps'
22:46 mircea_popescu do you mind ?
22:46 asciilifeform well if you want to do this the gentoo way, actually gotta build libgpgerror
22:46 asciilifeform lessee, it built ?
22:46 mircea_popescu it did.
22:47 asciilifeform post output of failed ./configure .
22:47 mircea_popescu from autogen : "--with-gpg-error-prefix=@SYSROOT@" << what format does that take if not fucking path
22:48 mircea_popescu asciilifeform :checking for GPG Error - version >= 1.13... no
22:48 mircea_popescu configure: error: libgpg-error is needed.
22:48 mircea_popescu See ftp://ftp.gnupg.org/gcrypt/libgpg-error/ .
22:49 asciilifeform hmm
22:49 mircea_popescu what's it looking for, something like libgpg-error.a ?
22:49 asciilifeform aha
22:50 asciilifeform when you built gpg-error, it shat out a binary, gpg-error-config
22:50 asciilifeform find it and run gpg-error-config --prefix.
22:50 asciilifeform that's the prefix the gpg2 abortion wants.
22:51 mircea_popescu holy shit .a is in /src/
22:51 asciilifeform lel.
22:51 mircea_popescu AND it returns "/usr/local"
22:51 mircea_popescu fuck me sideways what.
22:52 asciilifeform hey there was a reason i did not start with gpg2.
22:52 mircea_popescu this is so broken. srsly, nuts.
22:52 mircea_popescu ~/gpg-2.0.30/libgpg-error-1.24/src$ ./gpg-error-config --prefix
22:52 mircea_popescu /usr/local
22:52 mircea_popescu ARE THEY MAD???
22:53 asciilifeform perhaps just sad.
22:53 BingoBoingo brb
22:53 mircea_popescu so now, if i put the path in autogen.rc, nothing happens.
22:55 asciilifeform oh and on top of this,
22:55 asciilifeform there's no log_hexdump in libgcrypt.
22:55 asciilifeform _gcry_log_printhex instead.
22:57 asciilifeform presently testing on a box that had the deps crapolade
22:57 asciilifeform now for the magic moment.
22:58 asciilifeform gpg-2.0.22 and libgcrypt 1.5.1
22:59 asciilifeform http://wotpaste.cascadianhacker.com/pastes/7a7a03b8-9417-4d8b-912e-4345dbfeb482/?raw=true << mega-l0l.
23:00 mircea_popescu so 2.0.22 can't generate a key and 2.0.30 can't compile.
23:00 asciilifeform apparently.
23:01 asciilifeform not, at least, without some strange heathen magic, which i apparently lack here.
23:01 mircea_popescu ftr thee test is : if test "x$GPG_ERROR_LIBS" = "x"; then
23:01 mircea_popescu i figure i just go "x/path" lessee.
23:01 mod6 i can'gnupg-2.0.30 to build either
23:02 mod6 *can't
23:02 mircea_popescu mod6 same symptoms ?
23:02 mod6 yup
23:02 mircea_popescu mod6 edit configure, the test above with your path.
23:03 mod6 hm, ok
23:03 mircea_popescu ah no
23:03 mircea_popescu it just passes the test but dies on make nm
23:07 mircea_popescu for bonus lulz ftp://ftp.gnupg.org/gcrypt/libgpg-error/x
23:07 asciilifeform ugh
23:07 mircea_popescu you don't understand how the x works.
23:09 mod6 ok got close
23:09 mod6 ./.libs/libgcrypt.so: undefined reference to `log_hexdump'
23:09 mircea_popescu o you got it. what did you do ?
23:09 asciilifeform mod6: see earlier in log
23:09 asciilifeform <asciilifeform> _gcry_log_printhex instead.
23:09 mircea_popescu mod6 _gcry_log_printhex instead of it.
23:09 mod6 mircea_popescu: so, instead of doing all the things with --prefix, i just started straight out building all the deps and installing them.
23:10 mircea_popescu oh. im not fucking insalling his bs.
23:10 mircea_popescu what the fuck is this.
23:10 mod6 yah, this is just a test box.
23:10 mircea_popescu fuck him.
23:10 mod6 no doubt.
23:10 asciilifeform this is, i warned, quite laborious.
23:10 mircea_popescu dude the sheer insanity...
23:11 asciilifeform i built it, refuses to run without 'gpg-agent'
23:11 asciilifeform which does ???.
23:11 asciilifeform funnily enough, testing on a box that, long ago, used to have gpg2 working...
23:11 asciilifeform (since rooted out)
23:12 mircea_popescu eulora builds ~500 times easier than this dumb shit.
23:12 mircea_popescu arguably it's a lot more useful, too.
23:13 mod6 2.x is such a pile of dung
23:16 asciilifeform $up boolcrap1
23:16 deedbot boolcrap1 voiced for 30 minutes.
23:16 boolcrap1 yo
23:16 boolcrap1 what is good
23:16 asciilifeform boolcrap1: consider reading the channel log
23:16 boolcrap1 I'm not sure im that dedicated to trilema yet
23:17 asciilifeform boolcrap1: http://btcbase.org/log
23:17 asciilifeform boolcrap1: i promise, you'll like this one.
23:17 mircea_popescu nope, export ld path dun do it either.
23:19 asciilifeform soooooo literature survey is in
23:19 mircea_popescu anyway, i'm giving up on this bs. gnupg 2.0 doesn't even exist, contrary to nonsense noise on social media.
23:19 mircea_popescu let them figure out how to release software first.
23:19 asciilifeform sarkar and maitra give us a bang if we know 0.266N consecutive shared bits.
23:20 asciilifeform (anywhere in the mod pair)
23:20 asciilifeform this may be enough to blow away a good fraction of extant gpg pubkeys.
23:20 mircea_popescu asciilifeform if you look at the 4kb thing i published : there's no actual contiguity. just fields of double FFs
23:20 asciilifeform contiguity of ~shared string~
23:20 asciilifeform between two public mods.
23:20 asciilifeform e.g. primkey and subkey.
23:21 asciilifeform hmm, 0.21 'in practice.'
23:21 mod6 ok mine is going...
23:22 asciilifeform that's ~26 bytes of a 1024-bit prime.
23:22 asciilifeform 27.
23:22 mircea_popescu 27
23:22 asciilifeform and this is not a hard bound, either
23:23 asciilifeform just that when you dance off its edge, required horsepower grows exponentially
23:23 mircea_popescu im guessing phuctor is getting some new shit stuck on either side.
23:23 asciilifeform quite likely.
23:25 mod6 http://wotpaste.cascadianhacker.com/pastes/16757709-7f5d-45f7-a260-79cde334dc93/?raw=true
23:25 mircea_popescu asciilifeform FF FF still there.
23:26 mircea_popescu and look at all the bonus zero fields
23:26 mircea_popescu mod6 do a ocupla more ?
23:26 mod6 i can sure.
23:26 mod6 give me a few here...
23:27 mircea_popescu np.
23:27 asciilifeform btw mircea_popescu ....
23:27 asciilifeform my runs have upper 32 BYTES in common.
23:28 asciilifeform http://wotpaste.cascadianhacker.com/pastes/51515493-1d40-446b-99d0-932642d8b90d/?raw=true << for instance.
23:28 asciilifeform (linked earlier)
23:28 asciilifeform this is a headshot.
23:29 mircea_popescu ima run a bunch and we can see
23:31 mircea_popescu in other lulz : when generating a new key, name NEEDS to be at least 5 chars long. password however - can be 4.
23:33 asciilifeform soooo the subkey idiocy is apparently the 2nd half of a bipartite poison.
23:33 asciilifeform the diddled rng being the first.
23:33 mircea_popescu yes.
23:35 asciilifeform this is promising to be a very awkward occasion.
23:35 asciilifeform does mircea_popescu fully apprehend where this train is going ?
23:35 mircea_popescu to the lulz mine ?
23:36 asciilifeform http://wotpaste.cascadianhacker.com/pastes/f6355da8-4a82-40d2-a6a0-d1217232dbac/?raw=true << this, for instance, is mircea_popescu's pub.
23:37 mircea_popescu aha.
23:37 asciilifeform got n1, b9 4e de 87 7a....
23:37 asciilifeform and n2, bf ce 64 f1 43 f2 ...
23:38 asciilifeform generated one after another while process ran.
23:38 asciilifeform and here is mine, http://wotpaste.cascadianhacker.com/pastes/cebf02d3-4b28-4e34-a66b-aa3edb3bd6e1/?raw=true
23:38 mircea_popescu maybe.
23:38 asciilifeform ^ hopefully not surprising
23:41 mircea_popescu you mean, they start with same 4 bits ?
23:41 asciilifeform nono
23:41 asciilifeform these are moduli
23:41 asciilifeform p and q have already been multiplied.
23:41 asciilifeform nothing odd, of course, to the naked aye.
23:41 asciilifeform eye
23:42 mircea_popescu so then what'd be surprising or wut ?
23:42 asciilifeform but chances are that p1 and q1 share top 32 bit
23:42 asciilifeform ditto p2, q2.
23:43 mod6 http://wotpaste.cascadianhacker.com/pastes/986c1c9c-da8c-4c71-800e-111fdc35d8d6/?raw=true
23:43 asciilifeform and all of p1,q1,p2,q2 share at least top 20 bit.
23:43 mod6 i'll do one more
23:43 mircea_popescu http://wotpaste.cascadianhacker.com/pastes/55bf0b65-8784-49f0-895b-e3eb0793afc7/?raw=true << further 1.4. the ff's went away, 0s came in...
23:44 mircea_popescu asciilifeform trivial for me to dump these i just generated, let's see
23:44 asciilifeform the other thing,
23:44 asciilifeform sarkar et al promises (the recipe is quite gnarly) ANY substring
23:44 asciilifeform not necessarily top, or bottom of prime.
23:46 asciilifeform btw, here is a handy elementary proof of a certain thing,
23:48 asciilifeform if we know B - k shared topmost bits, then the work required to break in comparison with work W, supposing we knew B bits, is at most W*(2^k).
23:48 asciilifeform is this obvious or do i need to draw picture.
23:48 asciilifeform note that this is an upper bound, it applies regardless of what kind of magic is used.
23:48 mircea_popescu yes.
23:49 asciilifeform so this thing parallelizes 'embarrasingly'.
23:49 mircea_popescu this is weird... so this thing when told to dump priv key dumps THE SAME BLOCK irrespective of which user is indicated.
23:51 mircea_popescu check it out... if you do ANYTHING but -a "username", ie no quotes, or fp or anything, it just dumps ALL PRIVKEYS IT KNOWS.
23:51 asciilifeform lel
23:51 mircea_popescu including if you try -r
23:51 mod6 http://wotpaste.cascadianhacker.com/pastes/e8051eb2-9dca-4d40-9f08-5b38943bbb73/?raw=true
23:52 mircea_popescu anyway, http://wotpaste.cascadianhacker.com/pastes/9a20f5a7-7afd-4a74-ad78-b8217288c5e6/?raw=true << the two just generated keys.
23:52 mircea_popescu asciilifeform what were you cutting these up with again ?
23:53 asciilifeform pgpdump -i foo.asc
23:54 mircea_popescu heh.
23:54 mircea_popescu WARNING: The following packages cannot be authenticated!
23:54 mircea_popescu pgpdump
23:54 mircea_popescu Install these packages without verification [y/N]?
23:54 mircea_popescu so much win.
23:54 asciilifeform build it from src, it is small.
23:54 mircea_popescu atm i can't takle the aggravation of bulding anything.
23:55 mircea_popescu btw folks - wotpaste wipes shit daily. make sure you save what you want.
23:55 mircea_popescu phf an auto-archive for links would be so cool right about now...
23:56 asciilifeform http://wotpaste.cascadianhacker.com/pastes/547e0a4f-8f73-43f2-82f2-9b5d540ff249/
23:56 asciilifeform and
23:56 asciilifeform http://wotpaste.cascadianhacker.com/pastes/9a139b53-7122-4eaf-b940-2407ca5d8974/
23:56 asciilifeform .
23:56 asciilifeform mircea_popescu: this is useless
23:56 asciilifeform you gave it a passphrase.
23:56 mircea_popescu oh shit.
23:57 mod6 oh, i did the same. "asdf" iirc.
23:57 mod6 i can regen tho
23:57 asciilifeform http://wotpaste.cascadianhacker.com/pastes/ababdff0-7902-42b8-9d39-732e1a701116/?raw=true
23:58 asciilifeform ^ from my original shot.
23:59 asciilifeform ... it looks as if there is an extra layer of shuffle not accounted for by the dump?
23:59 mircea_popescu ripemd ?
23:59 asciilifeform nope
← 2016-08-16 | 2016-08-18 →